package com.mall.security;

import com.mall.entity.User;
import com.mall.mapper.UserMapper;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.stereotype.Service;

import java.util.ArrayList;
import java.util.Collection;
import java.util.List;

/**
 * 自定义用户详情服务
 * 
 * @author mall
 * @since 2024-01-01
 */
@Service
public class CustomUserDetailsService implements UserDetailsService {

    @Autowired
    private UserMapper userMapper;

    @Override
    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
        User user = userMapper.selectOne(
            new com.baomidou.mybatisplus.core.conditions.query.QueryWrapper<User>()
                .eq("username", username)
                .eq("status", 1)
        );

        if (user == null) {
            throw new UsernameNotFoundException("用户不存在或已被禁用");
        }

        return new CustomUserPrincipal(user);
    }

    /**
     * 自定义用户主体
     */
    public static class CustomUserPrincipal implements UserDetails {
        private final User user;

        public CustomUserPrincipal(User user) {
            this.user = user;
        }

        @Override
        public Collection<? extends GrantedAuthority> getAuthorities() {
            List<GrantedAuthority> authorities = new ArrayList<>();
            
            // 根据用户类型添加权限
            switch (user.getUserType()) {
                case 1:
                    authorities.add(new SimpleGrantedAuthority("ROLE_USER"));
                    break;
                case 2:
                    authorities.add(new SimpleGrantedAuthority("ROLE_SERVICE"));
                    break;
                case 3:
                    authorities.add(new SimpleGrantedAuthority("ROLE_ADMIN"));
                    break;
                default:
                    authorities.add(new SimpleGrantedAuthority("ROLE_USER"));
            }
            
            return authorities;
        }

        @Override
        public String getPassword() {
            return user.getPassword();
        }

        @Override
        public String getUsername() {
            return user.getUsername();
        }

        @Override
        public boolean isAccountNonExpired() {
            return true;
        }

        @Override
        public boolean isAccountNonLocked() {
            return true;
        }

        @Override
        public boolean isCredentialsNonExpired() {
            return true;
        }

        @Override
        public boolean isEnabled() {
            return user.getStatus() == 1;
        }

        public User getUser() {
            return user;
        }
    }
}
